The Monday following the "Black Friday" shopping day has been declared as "Cyber Monday" and millions of people around the world are expected to do much of their holiday shopping online on that day.
With that in mind, here are some tips to help you shop more safely, this holiday season - whether you shop on Cyber Monday or not:
1. Be careful when clicking on email links
This time of year, people are especially vulnerable to "Click now for this amazing offer!" phishing emails. When you receive an enticing email offer, be careful when clicking on that link - what you see on the screen may not match the underlying link. Often, you can hover over the link to see where you're actually being sent but this can sometimes show you a long and confusing link, due to embedded tracking information.
If the sender is one you recognize, and the email is from a vendor to which you've "opted in" to receive email offers, you're probably OK. However, if you have any concerns about the validity of the link, it's better to be safe by typing in the address of the website directly rather than clicking on the link.
Which brings me to tip #2...
2. Use https:// instead of http://
When you're typing the address, you can ensure you get a secure connection by using the "https://" prefix on your web address. The 's' stands for secure, and it encrypts the connection between your browser and the site you're browsing.
More and more websites are offering (or even defaulting to) https: connections, but you can force it by typing the address in yourself. If your site doesn't support https: it is generally OK to browse there, but avoid using insecure sites for shopping, since your payment information is not secure when you transmit it to the site.
Also, your browser can help you - it will often show a lock icon or other indicator, signifying that you have a secure connection to the website.
Clicking on the website address will show you the full path, which should start with https: as shown above.
3. Shop using official apps
If you shop from your mobile device and the site you're shopping with has an official app, use it. This can help you avoid spoofed sites (i.e. sites masquerading as a legitimate site, but in place to harvest your personal and/or financial information. If you go this route, you're best off going to the main shopping site from your browser, clicking on the app store link from their site, and letting that link redirect you to the correct app on the Apple App Store, Google Play Store, or whatever app store is used by your device.
4. don't Shop on Public WiFi networks
If you're shopping from a public WiFi network in a coffee shop, airport, library, etc. chances are, your traffic is being transmitted unencrypted (aka "in the clear"), which means an attacker could observe and capture this information. Unfortunately, in some scenarios, this can even expose your information when connected to an https: site due to something known as a "man in the middle" attack.
In general, you're best off not shopping on public, unsecured WiFi networks. If you really want to shop on these networks, and wish to do so in a secure fashion, you can use a VPN (Virtual Private Network service) to encrypt your device's traffic. There are some easy-to-use services that help you do this, such as Cloak (Mac and iOS only); TunnelBear (multi-platform), and WiTopia to name a few.
If you're not using a VPN, avoid sending sensitive information (such as your payment card data) over a public WiFi network.
5. Use a good, up-to-date security solution on your computer
Modern anti-virus and anti-malware technology can help protect you while shopping. Many of them not only scan your computer for malicious programs, they also have add-ins for your browser that are aware of know, malicious web sites and can warn you when you're in a dangerous spot.
Paid software is available for this, as well as free options. If you're using Windows and don't want to pay, the built-in Windows Defender is a good option. Companies like AVG, Avast, and Avira also offer free antivirus solutions for Windows and Mac computers.
Many Internet Service Providers (ISPs) also offer free anti-virus or anti-malware licenses to their customers - check with your internet provider to see what is available.
Bottom line, have something in place and keep it up-to-date with current malware and virus definitions.
6. Consider Using Apple Pay or Google Wallet
Whether you're shopping online or in a store, if Apple Pay or Google Wallet payments are available, they offer a safe way to pay. Due to the way the security model on these systems works, your individual payment card details are never transmitted to the merchant.
Instead a one-time transaction credential is shared to enable the payment and a new one is generated each time you pay. That means that even if an attacker gains access to the transaction information they will be unable to use that information for a second transaction.
I hope you find these tips helpful, and I hope you find some great bargains on Cyber Monday!